Sonatype

×

Lesson

Course Summary

Congratulations!You have completed this course.  You are now able to: Objective one statement Objective two statement Objective three statement Add/Remove as needed Resources Need more help? We have you covered: community.sonatype.com for asking questions and connecting with the Nexus Community my.sonatype.com for all things Sonatype help.sonatype.com for step-by-step instructions <Product> Specific (Examples below) NXRM3 Help Page Getting Started with NXRM3 …

Course Summary Read More »

Defining InnerSource

What is Innersource? Innersource is not a product or service that you buy and install on your network. It is instead a term that refers to the overall workflow, methodology, community, and culture that optimizes an organization for open source style collaboration. Long story short, InnerSource refers to bringing the core principles of open source …

Defining InnerSource Read More »

Welcome

What if you could reduce the number of transitive dependencies that come directly from open source projects from within your own organization? AND provide a means to reduce the number of transitive dependencies that you need to remediate? You spend a lot of time manually remediating transitive dependency, aka ‘noise’. Sometimes that noise comes from …

Welcome Read More »

Course Summary

Congratulations!  You have completed this course, and are now able to: Define the Nexus Infrastructure as Code Pack Articulate the benefits of the IaC Pack to users and their organizations Describe the types of misconfigurations and vulnerabilities that can be found when using infrastructure as code templates Describe how to use the IaC Pack with …

Course Summary Read More »

Course Summary

Congratulations!  You have completed this course, and are now able to: Define the Nexus Infrastructure as Code Pack Articulate the benefits of the IaC Pack to users and their organizations Describe the types of misconfigurations and vulnerabilities that can be found when using infrastructure as code templates Describe how to use the IaC Pack with …

Course Summary Read More »

Welcome

In this feature-specific course, you’ll learn how to use the Infrastructure as Code (IaC) Pack to discover cloud security and compliance issues with Infrastructure as Code (IaC) terraform analysis. IaC Pack enables development teams to receive immediate feedback on cloud misconfigurations before they surface in production. Questions for Reflection Complete the following activity. There are …

Welcome Read More »

Course Summary

Congratulations!You have completed this course.  You are now able to: Address and mitigate risk so that you can ship quickly Discuss the concept of defining intent through policy Identify what sort of developer level techniques and practices can you adopt early on to be in a good position to maintain a secure application Quickly identify which …

Course Summary Read More »

Running Scans

Take a look at the Running Scans section of our Lifecycle Scanning technical guide and you will see for each language / ecosystem: The available package managers Scan Target(s) How to Scan links Available Data Tips including best practices that we have compiled while working with customers Note: You’ll also notice that some package managers …

Running Scans Read More »

Developer Perspective

For something completely different, we offer you a macro level view where you can quickly identify which of your dependencies are direct and which are transitive (the dependencies of those dependencies). And with our reliance on third-party dependencies comes the realization that things can get messy quickly, especially when a direct dependency pulls in another …

Developer Perspective Read More »